Job Description:
You can apply directly here:
https://youngsoft.secure.force.com/apex/NrichForm?templateId=a1F3n000003KUm8&jobid=a0t3n00000CNVBy&sourcetype=TechFetch

Complete Description:
· This position is required to protect the health, safety, and welfare of Michigan residents. The incident response team is the primary security team directly responsible for responding to, containing, and coordinating remediation efforts for all cyber security threats on all managed endpoints, servers, and networks.
· The scope of this position extends statewide. Incident response applies to any cyber security event that occurs within State of Michigan networks and infrastructure. The cyber security incident response team must address all of these attacks in a timely manner. This involves the need to identify and prioritize the incidents that represent the most significant risk to State of Michigan assets. In the case of critical incidents, it is imperative to contain the attack and assist in the recovery of systems so that State of Michigan employees can continue to provide key services to state residents and partners.
· The incident response position serves to ensure that computer networks and infrastructure remain fully operational and that the integrity of their data is preserved. As such, the work of the incident response team has the following implications:
· Social – continuous or halted delivery of services to state residents, secure or compromised private information of state clients.
· Economic – lower or higher costs of recovery that state residents must absorb.
· Political – sustained or diminished trust in state government.
· Operational – efforts to maintain and restore technical services.
· Organizational – collaboration or tensions between organizational units.
· Incident response involves investigation of all security events. Incident response team members serve as first responders. They must quickly determine the scope and severity of a security incident, and then decide to either pursue it to resolution or escalate to teams with more specialized knowledge and skills.
· Failure to backfill this position will significantly impair the ability of the IR team to respond to security events.

· In-depth knowledge of security monitoring and incident response – Required – 2 Years
· Knowledge of conducting security investigations – Required – 2 Years
· Experience with using and customizing SIEM products – Desired – 2 Years
· Solid understanding of network protocols and architecture – Required – 2 Years
· Demonstrated experience with performing incident response using industry leading tools – Required – 2 Years
· Experience with network intrusion detection and analysis tools such as Bro, Suricata, Sourcefire, Snort and Wireshark – Required – 2 Years
· Demonstrated experience operating information security tools – Required – 2 Years
· Understanding of the tactics, techniques and procedures of advanced attackers – Required – 2 Years
· SANS training – Desired
· CISSP – Desired
· 3-5 years of experience in Security Operations and Incident Response – Required – 3 Years
· Bachelor’s degree or its foreign equivalent in a computer related field – Required